To ensure fair and secure communication in Mobile Ad hoc Networks (MANETs), the applications running in these networks must be regulated by proper communication policies. However, enforcing policies in MANETs is challenging because they lack the infrastructure and trusted entities encountered in traditional distributed systems. This paper presents the design and implementation of a policy enforcin...
View full abstract»

Most of the existing privacy-preserving techniques, such as k-anonymity methods, are designed for static data sets. As such, they cannot be applied to streaming data which are continuous, transient, and usually unbounded. Moreover, in streaming applications, there is a need to offer strong guarantees on the maximum allowed delay between incoming data and the corresponding anonymized output. To cop...
View full abstract»

The classic problem of determining the diagnosability of a given network has been studied extensively. Under the PMC model, this paper addresses the problem of determining the diagnosability of a class of networks called (1,2)-Matching Composition Networks, each of which is constructed by connecting two graphs via one or two perfect matchings. By applying our results to multiprocessor systems, we ...
View full abstract»

In this work, a scheme for key distribution and network access in a Wireless Sensor Network (WSN) that utilizes Identity-Based Cryptography (IBC) is presented. The scheme is analyzed on the ARM920T processor and measurements were taken for the runtime and energy of its components. It was found that the Tate pairing component of the scheme consumes significant amounts of energy, and so should be po...
View full abstract»

Active worms pose major security threats to the Internet. This is due to the ability of active worms to propagate in an automated fashion as they continuously compromise computers on the Internet. Active worms evolve during their propagation, and thus, pose great challenges to defend against them. In this paper, we investigate a new class of active worms, referred to as Camouflaging Worm (C-Worm i...
View full abstract»

This paper proposes the design of specialized hardware, called Recovery Device, for a dual-redundant computer system that operates in real-time. Recovery Device executes all fault-tolerant services including fault detection, fault type determination, fault localization, recovery of system after temporary (transient) fault, and reconfiguration of system after permanent fault. The paper also propose...
View full abstract»

High-end enterprise storage has traditionally consisted of monolithic systems with customized hardware, multiple redundant components and paths, and no single point of failure. Distributed storage systems realized through networked storage nodes offer several advantages over monolithic systems such as lower cost and increased scalability. In order to achieve reliability goals associated with enter...
View full abstract»

Distributed hash tables (DHTs) share storage and routing responsibility among all nodes in a peer-to-peer network. These networks have bounded path length unlike unstructured networks. Unfortunately, nodes can deny access to keys or misroute lookups. We address both of these problems through replica placement. We characterize tree-based routing DHTs and define MaxDisjoint, a replica placement that...
View full abstract»

Network-based intruders seldom attack their victims directly from their own computer. Often, they stage their attacks through intermediate “stepping stones” in order to conceal their identity and origin. To identify the source of the attack behind the stepping stone(s), it is necessary to correlate the incoming and outgoing flows or connections of a stepping stone. To resist attempts...
View full abstract»

We analyze the security vulnerabilities of PEAS, ASCENT, and CCP, three well-known topology maintenance protocols (TMPs) for sensor networks. These protocols aim to increase the lifetime of the sensor network by only maintaining a subset of nodes in an active or awake state. The design of these protocols assumes that the sensor nodes will be deployed in a trusted, nonadversarial environment, and d...
View full abstract»

In this paper, we present the design of the lightweight Ff family of privacy-preserving authentication protocols for RFID-systems. Ff results from a systematic design based on a new algebraic framework focusing on the security and privacy of RFID authentication protocols. Ff offers user-adjustable, strong authentication, and privacy against known algebraic attacks ...
View full abstract»